package cloud.xuxiaowei.passport.controller;

import cloud.xuxiaowei.utils.Response;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @author xuxiaowei
 * @since 0.0.1
 */
@RestController
@RequestMapping("/test/role")
public class RoleRestController {

	/**
	 * 拥有角色 ROLE_R1 可以访问
	 */
	@RequestMapping("/r1")
	@PreAuthorize("hasRole('ROLE_R1')")
	public Response<?> r1() {
		return Response.ok();
	}

	/**
	 * 拥有角色 ROLE_R1、ROLE_R2 或 ROLE_R3 可以访问
	 */
	@RequestMapping("/r-any")
	@PreAuthorize("hasAnyRole('ROLE_R1', 'ROLE_R2', 'ROLE_R3')")
	public Response<?> rAny() {
		return Response.ok();
	}

	/**
	 * 同时 拥有角色 ROLE_R1 和 ROLE_R2 才可以访问
	 */
	@RequestMapping("/r-and")
	@PreAuthorize("hasRole('ROLE_R1') and hasRole('ROLE_R2')")
	public Response<?> rAnd() {
		return Response.ok();
	}

}
